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Claims 1 to 11 were pending in the application at the time 
of examination. Claims 1 to 11 stand rejected as anticipated. ' 

Applicants have amended the description to correct 
grammatical errors. Also, a review of the drawings indicated 
that Fig. 12 includes two instances of reference numeral 1240; 
Fig. 17 includes two instances of reference numeral 172 0; and 
Fig. 24 includes two instances of reference numeral 242 0. 
Applicants have amended the specification so that the "end with 
failure" element in Fig. 12 has reference numeral 1245; "user 
data 10" element in Fig. 17 has reference numeral 1721; and 
"user data 10" element in Fig. 24 has reference numeral 2421. 
These amendments add clarity by giving each distinct element in 
the drawings a distinct reference numeral and so do not add new 
matter. Applicants are obtaining corrected drawings and will 
submit replacement sheets under separate cover when the 
corrected drawings are received. 

Applicants note that no §112 rejections were given in the 
instant application. Applicants have amended Claims 7 to 9 and 
11 to correct a minor antecedent basis informality. Since no 
§112 rejections were given, these amendments do not affect the 
scope of the claims and so do not affect the patentability of 
the claims. Claim 5 is amended to correct a grammatical 
informality. Claims 1 to 4 are amended to make explicit that 
which was implicit in these claims, i.e., the party that 
performs the action. 

Claims 1 to 11 stand rejected under 35 U.S.C. § 102(e) as 
being anticipated by U.S. Patent Application Publication No. 
2003/0039361 of Hawkes et al . , hereinafter '361. 

Prior to considering the rejection, Applicants 
respectfully note that '361 has a filing date of August 28, 
2002, which is after Applicants' filing date of October 29, 
2001. Accordingly, based upon the filing dates, '361 is not a 
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proper reference. However, 361' is identified as a 
continuation in part of U.S. Patent Application Serial No. 
09/933,972, which had a filing date of August 20, 2001. Public 
Pair was used to determine the status of U.S. Patent 
Application Serial No. 09/933,972 and Public Pair showed a U.S. 
Patent Application Publication No. 2002/0141591 Al, hereinafter 
referred to a '591. 

A comparison of '361 with '591 shows that '361 included 
considerable information that was not included in '591. 
Accordingly, to the extent that the rejection relies upon 
information in f 361 that does not appear in '591, the rejection 
is not well founded, because the filing date for the 
information added in '361 is after Applicants' filing date. 

The rejection cited the abstract, Figs. IE to 14 and 18 to 
24 and paragraphs [0052] et seq. , [0070] et seq., and [0078] et 
seq. The Abstract in '361 includes two sentences (the last 
two) not in the Abstract in '591. Figs. 9 to 14 and 18 to 24 
are not found in '591. Much of the basis for the rejection has 
a date that is after Applicants' filing date and so is not a 
proper reference. To the extent that the '361 is a proper 
reference, the information must have the filing data of the 
'591. To move the prosecution forward, Applicants have 
considered the information in '591, and to the extent that it 
quoted in the following response, reference will be made to 
both publications if it appears in both. 

The rejection stated: 

As per claims 1-11, '361 teaches a method and 
apparatus for security in a data processing system 
comprising: privacy protection, identification, enrolling 
for a service, a randomized identifier, a communication 
network, a storage device, a smart card/UIM, authority 
peer group ID/content provider, cryptograms, credential 
data, credential request, a Kerberos ticket/message and 
service provider. 
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Applicants respectfully traverse the anticipation 
rejection of Claim 1. Applicants electronically searched ! 591 
for any words that included "random" and the phrase only 
appeared in the following context. 

[0045] PGP combines features from symmetric and asymmetric encryption. FIGS. ID and IE 
illustrate a PGP cryptosystem 50, wherein a plaintext message is encrypted and recovered. In FIG. ID, 
the plaintext message is compressed to save modem transmission time and disk space. Compression 
strengthens cryptographic security by adding another level of translation to the encrypting and 
decrypting processing. Most cryptanalysis techniques exploit patterns found in the plaintext to crack the 
cipher. Compression reduces these patterns in the plaintext, thereby enhancing resistance to 
cryptanalysis. Note that one embodiment does not compress plaintext or other messages that are too 
short to compress or which don't compress well aren't compressed. 



[0046] PGP then creates a session key, which is a one-time-only secret key. This key is a random 
number that may be generated from any random event(s) , such as random movements of mouse and the 
keystrokes while typing. The session key works with a secure encryption algorithm to encrypt the 
plaintext, resulting in ciphertext. Once the data is encrypted, the session key is then encrypted to the 
recipient's public key. This public key-encrypted session key is transmitted along with the ciphertext to 
the recipient. (Emphasis added.) 



[0047] For decryption, as illustrated in FIG. IE, the recipient's copy of PGP uses a private key to 
recover the temporary session key, which PGP then uses to decrypt the conventionally encrypted 
ciphertext. The combination of encryption methods takes advantage of the convenience of public key 
encryption and the speed of symmetric encryption. Symmetric encryption is generally much faster than 
public key encryption. Public key encryption in turn provides a solution to key distribution and data 
transmission issues. In combination, performance and key distribution are improved without any 
sacrifice in security. 



[0048] A key is a value that works with a cryptographic algorithm to produce a specific ciphertext. Keys 
are basically very large numbers. Key size is measured in bits. In public key cryptography, security 
increases with key size, however, public key size and the symmetric encryption private key size are not 
generally related. While the public and private keys are mathematically related, a difficulty arises in 
deriving a private key given only a public key. Deriving the private key is possible given enough time 
and computing power, making the selection of key size an important security issue. The goal is to have a 
large key that is secure, while maintaining key size sufficiently small for quick processing. An additional 
consideration is the expected interceptor, specifically, what is the importance of a message to a third 
party, and how much resource does a third party have to decrypt. 



' 361, [0055] to [0058] 
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The session key, as quoted above, is generated on the 
user's system and so is not received "in response to 
enrolling," as recited in Claim 1. Applicants respectfully 
note that for an anticipation rejection the MPEP requires "The 
identical invention must be shown in as complete detail as is 
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contained in the ... claim. 1 " MPEP §2131, 8th Ed., Rev. 3, p. 
2100-76 (August 2005) . " Since the above text was the only 
portion of ! 591 with words that included "random, " the 
reference fails to teach the invention to the same level of 
detail as recited in Claim 1. It is not enough that the 
reference teach generally a method of securing information 
transferred between two parties, the MPEP requires that the 
identical invention be shown. Accordingly, Applicants 
respectfully request reconsideration and withdrawal of the 
anticipation rejection of Claim 1. 

Claims 2 to 4 each recite a "randomized ID." Accordingly, 
the above comments with respect to Claim 1 are applicable to 
each of these claims and so are incorporated herein by 
reference. Applicants respectfully request reconsideration and 
withdrawal of the anticipation rejection of each of Claims 2 
to 4. 

With respect to the anticipation rejection of Claim 5, 
Claim 5 recites in part: 

credential data; 

an authority peer group ID that identifies an 
entity that provided data authentication for said 
credential, said entity comprising a one or more 
network servers in a data communications network, one 
of said one or more network servers providing data 
authentication for said credential; and 

a cryptogram provided by said entity and used to 
authenticate said credential data. 
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To anticipate Claim 5, the f 591 must include a teaching of 
a structure that includes this information in the same level of 
detail as recited in the claim. The "591 described a secret 
key RK when a user registered with a content server. However, 
this key is set up after the user registers. Accordingly, this 
teaching fails to teach or suggest that an authority peer group 
ID is stored with the credential data and with a cryptogram 
used to authenticate the credential data. The rejection has 
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cited no teaching that the registration key is used to 
authenticate any credential data. If the Examiner continues 
the rejection, the Examiner is respectfully requested to cite 
with specificity what is considered the credential data, the 
authority peer group ID, and the cryptogram. Applicants 
respectfully request reconsideration and withdrawal of the 
anticipation rejection of Claim 5. 

Applicants respectfully traverse the anticipation 
rejection of Claim 6. The comments above with respect to a 
randomized identifier are incorporated herein by reference. 
Further, the rejection has failed to cite any teaching of 

said credential comprising: 

a randomized identifier; 
credential user data; and 

an indication of the credential user data 
verification performed by said authority in response 
to said credential request. 
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The various keys described in '591 fail to teach a 
credential having the three recited attributes. Therefore, the 
'591 fails to teach the invention in the same level of detail 
as recited in Claim 6. Applicants request reconsideration and 
withdrawal of the anticipation rejection of Claim 6. 

Applicants respectfully traverse the anticipation 
rejection of Claims 7 to 9 . Each of Claims 7 to 9 recites in 
part, "said Kerberos ticket comprising a randomized user ID." 
As noted with respect to Claim 1 and incorporated herein by 
reference, f 591 uses "random" only with respect to a PGP key. 
An electronic search of '591 failed to find any instance of 
either "ticket" or "Kerberos." Since the reference fails to 
include either word and includes "random" only with respect to 
a PGP key. The reference fails to meet the requirements of the 
MPEP with respect to an anticipation rejection as quoted above. 
Applicants respectfully request reconsideration and withdrawal 
of the anticipation rejection of each of Claims 7 to 9. 
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Claim 10 has been cancelled and so the rejection is 
rendered moot . 

Applicants respectfully traverse the anticipation 
rejection of Claim 11. Claim 11 recites in part: 



a service provider configured to accept a 
service request and enrollment results obtained from 
an enrollment authority, said service provider 
capable of communicating with said enrollment 
authority to verify said enrollment results, said 
service provider configured to provide said service 
based upon said enrollment results and a response 
from said enrollment authority (Emphasis added) 



The rejection has failed to cite any teaching of a service 
provider that is capable of communicating with an enrollment 
authority and that can provide a service based on a response 
from the enrollment authority. Accordingly, the rejection 
fails to demonstrate that the reference teaches the invention 
in the same level of detail as recited in Claim 11. Applicants 
respectfully request reconsideration and withdrawal of the 
anticipation rejection of Claim 11. 

Claims 1 to 9 and 11 remain in the application. Claims 1 
to 5, 7 to 9 and 11 have been amended. Claim 10 has been 
cancelled. For the foregoing reasons, Applicant (s) respectfully 
request allowance of all pending claims. If the Examiner has 
any questions relating to the above, the Examiner is 
respectfully requested to telephone the undersigned Attorney 
for Applicant (s) . 
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